package edu.hcmus.sow.web.interceptor;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.acls.domain.BasePermission;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import edu.hcmus.sow.domain.Folder;
import edu.hcmus.sow.domain.Project;
import edu.hcmus.sow.service.DocumentService;
import edu.hcmus.sow.service.ProjectService;
import edu.hcmus.sow.service.SecurityService;
import edu.hcmus.sow.utils.SecurityUtil;

public class GlobalInterceptor extends HandlerInterceptorAdapter {
   @Autowired
   private DocumentService documentService;

   @Autowired
   private ProjectService projectService;

   @Autowired
   private SecurityService securityService;

   // before the actual handler will be executed
   public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
      return true;
   }

   // after the handler is executed
   public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView mav)
         throws Exception {
      if (SecurityContextHolder.getContext().getAuthentication() != null && mav != null) {
         List<Folder> result = documentService.getAuthorizedRepositories(SecurityUtil.getCurrentClient());
         List<Project> list = projectService.getAuthorizedProjects(SecurityUtil.getCurrentClient());

         List<Folder> repositories = new ArrayList<Folder>();
         // has permission
         for (Folder f : result) {
            if (securityService.hasPermission(f, BasePermission.READ, BasePermission.WRITE,
                  BasePermission.ADMINISTRATION) || securityService.hasRole("ROLE_ADMINISTRATOR"))
               repositories.add(f);
         }

         List<Project> projects = new ArrayList<Project>();
         for (Project p : list) {
            if (securityService.hasPermission(p, BasePermission.READ, BasePermission.WRITE,
                  BasePermission.ADMINISTRATION) || securityService.hasRole("ROLE_ADMINISTRATOR"))
               projects.add(p);
         }

         // get authentication
         SecurityContextHolderAwareRequestWrapper wrapper = new SecurityContextHolderAwareRequestWrapper(request, "");

         // modified the existing modelAndView
         mav.addObject("menuRepositories", repositories);
         mav.addObject("menuProjects", projects);
         request.setAttribute("loggedinUsername", SecurityUtil.getCurrentLoggedinUsername());
         request.setAttribute("isAdmin", wrapper.isUserInRole("ROLE_ADMINISTRATOR"));
      }
   }
}